APP: Microsoft .NET Framework CVE-2014-1806 Arbitrary Code Execution
This signature detects attempts to exploit a known vulnerability against Microsoft .NET Framework. A successful attack can allow a remote attacker to call arbitrary methods, leading to arbitrary code execution.
Extended Description
The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability."
Affected Products
Microsoft .net_framework
References
CVE: CVE-2014-1806
Short Name
APP:MSDOTNET-CVE-2014-1806
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
.NET Arbitrary CVE-2014-1806 Code Execution Framework Microsoft
Release Date
05/13/2014
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
Port
TCP/0-79,81-442,444-3127,3129-7999,8001-8079,8081-65535
False Positive
Unknown
Vendors
Microsoft
CVSS Score
10.0